Solved: Re: best way to configuration switch port

alialhameed94 · ‎05-17-2018

I have three ISPs with the same database. Every customer has the potential to change the server every day.I'm using vlan50 to manage all device ,Which means that each port contains 2 Vlan (Management Vlan [50] and Service Vlan [10 or 11 or 12]). Note that the service Vlan in the customer side can not be selected.

khldk · ‎05-17-2018

If I understand you correctly:

int gi1/0/1
desc client1
switchport mode trunk
switchport trunk native vlan 10
switchport trunk allowed vlan 10,50
exit

View solution in original post

khldk · ‎05-17-2018

If I understand you correctly:

int gi1/0/1
desc client1
switchport mode trunk
switchport trunk native vlan 10
switchport trunk allowed vlan 10,50
exit

alialhameed94 · ‎05-17-2018

I've done this before. But I have some problems like broadcast storm.
does Native vlan affect on switching performance?

Julio E. Moisa · ‎05-17-2018

The Native Vlan mismatch will not generate a significant problem but you will be receiving a lot of alerts. By default the native vlan is 1, a best practice is change it by other vlan (used just with this role) on both ends but I dont think the carriers change that.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Julio E. Moisa · ‎05-17-2018

Hi

If you are receiving each ISP through specific VLAN the switchport should be configured like:

CORE SW

vlan 10

name ISP1

vlan 11

name ISP2

vlan 12

name ISP3

vlan 50

name MANAGEMENT-VLAN

interface g1/0/1

description ISP1

switchport access vlan 10

switchport mode access

no shutdown

interface g1/0/2

description ISP2

switchport access vlan 11

switchport mode access

no shutdown

interface g1/0/3

description ISP3

switchport access vlan 12

switchport mode access

no shutdown

interface g1/0/4

description MANAGEMENT-ROUTER

switchport access vlan 50

switchport mode access

no shutdown

interface g1/0/5

description CLIENT3-ISP3

switchport access vlan 50

switchport mode access

no shutdown

interface g1/0/6

description CLIENT2-ISP2

switchport access vlan 11

switchport mode access

no shutdown

interface g1/0/7

description CLIENT1-ISP1

switchport access vlan 11

switchport mode access

no shutdown

If they are different clients, I dont see the reason to exchange information between them unless the same client is using different gateways for redundancy otherwise trunk interfaces should be configured on the client and core sw ports.

Hope it is useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

khldk · ‎05-17-2018

That wouldn't work since he is managing downstream devices, which is why he needs vlan 50 tag'ed - on the upstream ISP ports you are correct though, they should be access ports only.
Considering the setup you could also apply an incoming ACL on the ISP facing interfaces since firewalls seems to be missing as well.

alialhameed94 · ‎05-17-2018

Every customer is connected with me by (PTP Wireless Link) and i have to monitor this devices, every link from ISP have his own subnet and gateway.

For EXP:
vlan 10 subnet from ISP 10.49.221.0/24
vlan 11 subnet 10.16.33.0/24

so how can I management client without using on vlan.